Security remains an elusive property for many systems today. Despite the research efforts of the last decades, the tremendous progress made, for example in the area of cryptography, and the impressive security technology deployed with modern operating systems, security problems have not gone away. One reason why security technology has not been able to fulfill its promise may be a lack of integration with existing systems, and in particular with the technologies for fault tolerance.
Although fault tolerance and security are both necessary attributes of dependable systems, these properties have traditionally been treated separately and have led to distinct and orthogonal research areas. Both research areas are based on formal models, but their separation has led to different approaches to achieving and validating the respective properties, and these approaches have become the subject of different communities.
As one particular example, consider the area of fault-tolerant systems on the one hand and secure systems (in particular those using cryptography) on the other: researchers in fault tolerance often make statements about systems by treating cryptographic primitives as black boxes. This is done to keep the model tractable, i.e., to simplify analysis and (sometimes) avoid number and probability theory. In the area of safety-critical systems, such models have been successfully applied in practice, with support from automated analysis and verification tools. However, abstracting away the basic properties of the cryptographic primitives severely constrains the ability to conduct rigorous security proofs. Various examples from the past show that through over-abstraction, important attributes were neglected, contributing to vulnerabilities in the resulting protocols.
The separate areas have only recently come to be viewed as complementary, with work underway to unify the two approaches. Examples include the current work on tool-supported formal verification of cryptographic protocols and the concept of intrusion-tolerant systems, i.e., systems that continue to provide their service despite the corruption or failure of some of their parts.
As indicated by the above and confirmed by many researchers, there are strong similarities between the ways of modeling and handling uncertainty in the different areas of dependable systems. But there also seem to be fundamental tradeoffs that lead different communities into different directions.
Topics of the Seminar
The Dagstuhl seminar brought together researchers and practitioners from the different areas of dependability (in particular, from fault-tolerance, safety, security, and cryptography) in order to discuss the foundations of these areas, their similarities and differences. Some of the research questions discussed during the seminar included:
- What are the relations between safety, fault-tolerance, security, and cryptography with respect to methodologies and models?
- What classifications and metrics for dependability and security properties exist and how can they be compared?
- What are the differences between methods to specify, model and analyse fault-tolerant and secure systems?
- Under which circumstances can fault-tolerance techniques be used to achieve security and security methods be used to achieve fault-tolerance?
- What is the role of cryptography in the development of protocols that are both secure and fault-tolerant?
- Lorenzo Alvisi (University of Texas - Austin, US) [dblp]
- Emmanuelle Anceaume (CAPS entreprise - Rennes, FR)
- Michael Backes (Universität des Saarlandes, DE) [dblp]
- Fevzi Belli (Universität Paderborn, DE)
- Zinaida Benenson (RWTH Aachen, DE) [dblp]
- Christian Cachin (IBM Research GmbH - Zürich, CH) [dblp]
- Gregory Chockler (IBM - Haifa, IL) [dblp]
- Yvo Desmedt (Univ. College London, GB)
- Yves Deswarte (LAAS - Toulouse, FR)
- Dan Dobre (TU Darmstadt, DE)
- Lucia Draque Penso (RWTH Aachen, DE)
- Klaus Echtle (Universität Duisburg-Essen, DE)
- Paulo Jorge Esteves-Veríssimo (University of Lisboa, PT) [dblp]
- Christof Fetzer (TU Dresden, DE) [dblp]
- Felix Freiling (Universität Mannheim, DE) [dblp]
- Dieter Gollmann (TU Hamburg-Harburg, DE) [dblp]
- Maritta Heisel (Universität Duisburg-Essen, DE) [dblp]
- Matti Hiltunen (AT&T Labs Research - Florham Park, US)
- Jaap-Henk Hoepman (Radboud University Nijmegen, NL) [dblp]
- Thorsten Holz (Universität Mannheim, DE) [dblp]
- Flavio Paiva Junqueira (University of California - San Diego, US) [dblp]
- Karama Kanoun (LAAS - Toulouse, FR) [dblp]
- Idit Keidar (Technion - Haifa, IL) [dblp]
- Petr Kouznetsov (MPI-SWS - Saarbrücken, DE)
- Klaus Kursawe (KU Leuven, BE) [dblp]
- Jean-Claude Laprie (LAAS - Toulouse, FR)
- Stefan Lucks (Universität Mannheim, DE) [dblp]
- Heiko Mantel (RWTH Aachen, DE) [dblp]
- Jörn Müller-Quade (KIT - Karlsruher Institut für Technologie, DE) [dblp]
- Harigovind V. Ramasamy (IBM Research GmbH - Zürich, CH)
- Brian Randell (University of Newcastle, GB)
- Ralf H. Reussner (KIT - Karlsruher Institut für Technologie, DE) [dblp]
- Luis Rodrigues (University of Lisboa, PT) [dblp]
- Ahmad-Reza Sadeghi (Ruhr-Universität Bochum, DE) [dblp]
- David Sands (Chalmers UT - Göteborg, SE) [dblp]
- Thomas Santen (TU Berlin, DE) [dblp]
- Elad Michael Schiller (Chalmers UT - Göteborg, SE)
- Nir Shavit (Tel Aviv University, IL) [dblp]
- Neeraj Suri (TU Darmstadt, DE) [dblp]
- Philippas Tsigas (Chalmers - Göteborg, SE) [dblp]
- Marko Vukolic (EPFL - Lausanne, CH) [dblp]
- Josef Widder (TU Wien, AT) [dblp]
- Jay Wylie (HP - Palo Alto, US)
- modelling / simulation
- security / cryptography
- semantics / formal methods
- verification / logic
- fault-tolerant systems
- distributed computing